All Products
Search
Document Center

Resource Access Management:Unbind an MFA device from a RAM user

Last Updated:Dec 28, 2023

If you no longer require implementing multi-factor authentication (MFA) on a Resource Access Management (RAM) user, or you want to change the MFA device or MFA method for a RAM user, you can unbind the MFA device from the RAM user.

Warning

After you unbind the MFA device from the RAM user, the RAM user cannot use the MFA device for identity authentication. This compromises account security.

Unbind a virtual MFA device

  1. Log on to the RAM console with an Alibaba Cloud account or a RAM user who has administrative rights.

    Note

    If a RAM user of your Alibaba Cloud account is allowed to manage its own MFA device, the RAM user can unbind the MFA device in the RAM console. To unbind an MFA device, perform the following operations: Move the pointer over the profile picture in the upper-right corner of the console and click Security Information Management. On the Virtual MFA Device tab, click Disable Virtual MFA Device.

  2. In the left-side navigation pane, choose Identities > Users.

  3. In the User Logon Name/Display Name column, click the username of the RAM user for which you want to disable an MFA device.

  4. On the Authentication tab, click the Virtual MFA Device tab, and then click Disable Virtual MFA Device.

  5. Click Disable to disable MFA for the RAM user.

Unbind a U2F security key

  1. Log on to the RAM console with your Alibaba Cloud account or a RAM user that has administrative rights.

    Note

    If a RAM user of your Alibaba Cloud account is allowed to manage its own MFA device, the RAM user can unbind the MFA device in the RAM console. To unbind an MFA device, perform the following operations: Move the pointer over the profile picture in the upper-right corner of the console and click Security Information Management. On the U2F Security Key tab, click Disable U2F Security Key.

  2. In the left-side navigation pane, choose Identities > Users.

  3. In the User Logon Name/Display Name column, click the username of the RAM user for which you want to disable an MFA device.

  4. On the Authentication tab, click the U2F Security Key tab, and then click Disable U2F Security Key.

  5. Click Disable to unbind the U2F security key from the RAM user.

References